Miasma Worm Cripples GitHub Repos; Cisco Zero-Day Under Active Attack; Snowflake Breach Exposes 165 Customers

Publication Date: June 7, 2026

Summary

This edition covers the period of June 7, 2026, a day marked by severe supply chain and cloud security incidents. A sophisticated self-replicating worm named Miasma has compromised dozens of Microsoft and Red Hat packages on npm, leveraging a novel execution bypass. Concurrently, a massive data breach at Snowflake exposed data from 165 customers, including Ticketmaster, due to credential theft. Adding to the urgency, Cisco has disclosed an actively exploited, unpatched zero-day vulnerability in its Catalyst SD-WAN Manager. Other major developments include a surge in AI-driven phishing, a significant rise in mobile banking trojans, and a volatile ransomware market reacting to recent law enforcement takedowns.

Today's New Articles

New TCLBANKER Trojan Spreads via WhatsApp and Outlook, Targeting 59 Brazilian Financial Apps

A new, highly advanced Brazilian banking trojan named TCLBANKER is targeting 59 different banking, fintech, and cryptocurrency platforms. The malware, an evolution of the 'Maverick' family linked to the threat actor 'Water Saci,' uses a worm component to sprea...


Snowflake Cloud Platform Breach Hits 165 Customers, Including Ticketmaster and Santander

A major security incident has struck cloud data platform Snowflake, affecting at least 165 of its customers. Attackers leveraged stolen customer credentials to gain access to their Snowflake instances, in some cases bypassing multi-factor authentication. High-...


Global Compliance Reshaped as NIS2, SEC Disclosure Rules, and AI Laws Come into Force

A significant wave of new cybersecurity regulations has come into force globally, fundamentally altering the compliance landscape for businesses. Key among them are the European Union's NIS2 Directive, which expands security mandates for critical infrastructur...


Mobile Banking Malware Surges 360% as Sophisticated Trojans Target 1,243 Financial Brands

The financial sector is facing an unprecedented wave of mobile threats, with a 3.6-fold (360%) increase in users encountering mobile banking trojans in 2026. These industrialized campaigns are targeting 1,243 financial brands in 90 countries. Advanced malware...


230 Million AWS Endpoints Compromised in Attack Exploiting Exposed .env Files

A massive, automated cyberattack has compromised over 230 million unique cloud endpoints hosted on Amazon Web Services (AWS). Threat actors systematically scanned the internet for publicly exposed environment (`.env`) files, which contain sensitive credentials...


29 Arrested as 'Operation KRATOS 2' Dismantles Nine Illegal Streaming Networks Across Europe

A coordinated law enforcement action spanning 13 European countries, dubbed 'Operation KRATOS 2,' has successfully dismantled nine criminal networks specializing in illegal online streaming. The operation resulted in 29 arrests and the shutdown of services tha...

Article Updates

Email Under Siege: AI, QR Codes, and Phishing-as-a-Service Fuel Surge in Attacks

Update: A new Egress report indicates a 28% increase in phishing attacks and a 52% rise in malicious emails bypassing secure email gateways in Q2 2026. Attackers are leveraging AI for deepfakes, chatbots, and 'payloadless' social engineering, with Microsoft being the...


Ransomware Market Consolidates in Q1 2026; Qilin Remains Top Threat as LockBit 5.0 Rebounds

Update: Following the successful takedown of the LockBit ransomware operation, the market is experiencing significant turmoil and a 'whack-a-mole' effect. Law enforcement disruptions have created a power vacuum, leading to the rapid emergence of new groups such as Ran...


China-Aligned APT Webworm Targets Europe, Using Discord and MS Graph for C2

Update: The China-aligned APT group Webworm, previously noted for using Discord and Microsoft Graph API for C2, has now been observed widely deploying the open-source SoftEther VPN client. This new tactic allows them to establish persistent, encrypted command-and-cont...


Cisco Catalyst SD-WAN Zero-Day Flaw Actively Exploited for Root Access

Update: New reports from June 7, 2026, reinforce the critical nature of CVE-2026-20245, a high-severity zero-day in Cisco Catalyst SD-WAN Manager. The vulnerability continues to be actively exploited in the wild, allowing an authenticated local attacker to achieve roo...